Linux 4.11-rc6
[linux/fpc-iii.git] / security / keys / dh.c
blob893af4c450382ae45085d9efbfb1f3134a1b9479
1 /* Crypto operations using stored keys
3 * Copyright (c) 2016, Intel Corporation
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * as published by the Free Software Foundation; either version
8 * 2 of the License, or (at your option) any later version.
9 */
11 #include <linux/mpi.h>
12 #include <linux/slab.h>
13 #include <linux/uaccess.h>
14 #include <keys/user-type.h>
15 #include "internal.h"
18 * Public key or shared secret generation function [RFC2631 sec 2.1.1]
20 * ya = g^xa mod p;
21 * or
22 * ZZ = yb^xa mod p;
24 * where xa is the local private key, ya is the local public key, g is
25 * the generator, p is the prime, yb is the remote public key, and ZZ
26 * is the shared secret.
28 * Both are the same calculation, so g or yb are the "base" and ya or
29 * ZZ are the "result".
31 static int do_dh(MPI result, MPI base, MPI xa, MPI p)
33 return mpi_powm(result, base, xa, p);
36 static ssize_t mpi_from_key(key_serial_t keyid, size_t maxlen, MPI *mpi)
38 struct key *key;
39 key_ref_t key_ref;
40 long status;
41 ssize_t ret;
43 key_ref = lookup_user_key(keyid, 0, KEY_NEED_READ);
44 if (IS_ERR(key_ref)) {
45 ret = -ENOKEY;
46 goto error;
49 key = key_ref_to_ptr(key_ref);
51 ret = -EOPNOTSUPP;
52 if (key->type == &key_type_user) {
53 down_read(&key->sem);
54 status = key_validate(key);
55 if (status == 0) {
56 const struct user_key_payload *payload;
58 payload = user_key_payload_locked(key);
60 if (maxlen == 0) {
61 *mpi = NULL;
62 ret = payload->datalen;
63 } else if (payload->datalen <= maxlen) {
64 *mpi = mpi_read_raw_data(payload->data,
65 payload->datalen);
66 if (*mpi)
67 ret = payload->datalen;
68 } else {
69 ret = -EINVAL;
72 up_read(&key->sem);
75 key_put(key);
76 error:
77 return ret;
80 long keyctl_dh_compute(struct keyctl_dh_params __user *params,
81 char __user *buffer, size_t buflen,
82 void __user *reserved)
84 long ret;
85 MPI base, private, prime, result;
86 unsigned nbytes;
87 struct keyctl_dh_params pcopy;
88 uint8_t *kbuf;
89 ssize_t keylen;
90 size_t resultlen;
92 if (!params || (!buffer && buflen)) {
93 ret = -EINVAL;
94 goto out;
96 if (copy_from_user(&pcopy, params, sizeof(pcopy)) != 0) {
97 ret = -EFAULT;
98 goto out;
101 if (reserved) {
102 ret = -EINVAL;
103 goto out;
106 keylen = mpi_from_key(pcopy.prime, buflen, &prime);
107 if (keylen < 0 || !prime) {
108 /* buflen == 0 may be used to query the required buffer size,
109 * which is the prime key length.
111 ret = keylen;
112 goto out;
115 /* The result is never longer than the prime */
116 resultlen = keylen;
118 keylen = mpi_from_key(pcopy.base, SIZE_MAX, &base);
119 if (keylen < 0 || !base) {
120 ret = keylen;
121 goto error1;
124 keylen = mpi_from_key(pcopy.private, SIZE_MAX, &private);
125 if (keylen < 0 || !private) {
126 ret = keylen;
127 goto error2;
130 result = mpi_alloc(0);
131 if (!result) {
132 ret = -ENOMEM;
133 goto error3;
136 kbuf = kmalloc(resultlen, GFP_KERNEL);
137 if (!kbuf) {
138 ret = -ENOMEM;
139 goto error4;
142 ret = do_dh(result, base, private, prime);
143 if (ret)
144 goto error5;
146 ret = mpi_read_buffer(result, kbuf, resultlen, &nbytes, NULL);
147 if (ret != 0)
148 goto error5;
150 ret = nbytes;
151 if (copy_to_user(buffer, kbuf, nbytes) != 0)
152 ret = -EFAULT;
154 error5:
155 kfree(kbuf);
156 error4:
157 mpi_free(result);
158 error3:
159 mpi_free(private);
160 error2:
161 mpi_free(base);
162 error1:
163 mpi_free(prime);
164 out:
165 return ret;